CVE-2025-61955

CWE-955 documents5 sources
Severity
8.5HIGH
EPSS
0.0%
top 91.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
F5 F5os - ApplianceF5 F5os - ChassisF5 F5os-a+1 more
Timeline
PublishedOct 15
Latest updateOct 16

Description

A vulnerability exists in F5OS-A and F5OS-C systems that may allow an authenticated attacker with local access to escalate their privileges. A successful exploit may allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages4 packages

NVDf5/f5os-a1.5.11.5.4+1
NVDf5/f5os-c1.8.01.8.2+1
CVEListV5f5/f5os_-_chassis1.8.01.8.2+1
CVEListV5f5/f5os_-_appliance1.8.01.8.3+1

🔴Vulnerability Details

2
CVEList
F5OS vulnerability2025-10-15
GHSA
GHSA-p73g-98vh-rvr5: A vulnerability exists in F5OS-A and F5OS-C systems that may allow an authenticated attacker with local access to escalate their privileges2025-10-15

📋Vendor Advisories

1
F5
CVE-2025-61955: A vulnerability exists in F5OS-A and F5OS-C systems that may allow an authenticated attacker with local access to esc...2025-10-15

🕵️Threat Intelligence

1
Unit42
Threat Brief: Nation-State Actor Steals F5 Source Code and Undisclosed Vulnerabilities2025-10-16
CVE-2025-61955 (HIGH CVSS 8.5) | A vulnerability exists in F5OS-A an | cvebase.io